dauth-md-node 1.0.1 → 2.1.0

package/README.md

@@ -1,6 +1,6 @@
 # dauth-md-node
 
-Express middleware for JWT-based authentication against the [DAuth](https://dauth.ovh) service. Verifies tenant JWTs and fetches the authenticated user from the DAuth backend, attaching it to `req.user`.
+Express middleware for JWT-based authentication against the [Dauth](https://dauth.ovh) service. Verifies tenant JWTs and fetches the authenticated user from the Dauth backend, attaching it to `req.user`.
 
 ## Installation
 
@@ -40,14 +40,14 @@ Factory function that returns an Express middleware.
 
 | Parameter | Type | Description |
 |---|---|---|
-| `domainName` | `string` | Your DAuth domain name (used for API routing) |
+| `domainName` | `string` | Your Dauth domain name (used for API routing) |
 | `tsk` | `string` | Tenant Secret Key for local JWT verification |
 
 ### Middleware Behavior
 
 1. Extracts the `Authorization` header from the request
 2. Verifies the JWT locally using the provided `tsk` (Tenant Secret Key)
-3. Fetches the full user object from the DAuth backend (`GET /tenant/:domainName/user`)
+3. Fetches the full user object from the Dauth backend (`GET /app/:domainName/user`)
 4. Attaches the user to `req.user`
 5. Calls `next()` on success
 
@@ -58,8 +58,8 @@ Factory function that returns an Express middleware.
 | Missing `Authorization` header | 403 | `token-not-found` |
 | JWT expired | 401 | `token-expired` |
 | Invalid JWT or bad TSK | 401 | `tsk-not-invalid` or `token-invalid` |
-| User not found in DAuth backend | 404 | `user-not-found` |
-| DAuth backend server error | 500 | `error` |
+| User not found in Dauth backend | 404 | `user-not-found` |
+| Dauth backend server error | 500 | `error` |
 | Other backend status | 501 | `request-error` |
 
 ### `req.user` Object
@@ -89,7 +89,7 @@ Both `IDauthUser` and `IRequestDauth` are exported from the package for type-saf
 
 ## Real-World Integration Example
 
-This is the pattern used in `easymediacloud-backend-node`, which delegates all user authentication to dauth.
+This is the pattern used in `easymediacloud-backend-node`, which delegates all user authentication to Dauth.
 
 ### 1. Initialize the middleware from environment variables
 
@@ -169,17 +169,17 @@ export const getMyLicenses = async (req: IRequestDauth, res: Response) => {
 ## Environment Detection
 
 - **Development** (`NODE_ENV=development`): Routes API calls to `http://localhost:4012/api/v1`
-- **Production**: Routes API calls to `https://<domainName>.dauth.ovh/api/v1`
+- **Production**: Routes API calls to `https://dauth.ovh/api/v1`
 
 ## Development
 
 ```bash
-npm start          # Watch mode (tsdx watch)
-npm run build      # Production build (CJS + ESM)
-npm test           # Run Jest tests
-npm run lint       # ESLint via tsdx
-npm run size       # Check bundle size (10KB budget per entry)
-npm run analyze    # Bundle size analysis with visualization
+pnpm start         # Watch mode (tsdx watch)
+pnpm build         # Production build (CJS + ESM)
+pnpm test          # Run Jest tests
+pnpm lint          # ESLint via tsdx
+pnpm size          # Check bundle size (10KB budget per entry)
+pnpm analyze       # Bundle size analysis with visualization
 ```
 
 ### Bundle Outputs

package/dist/index.d.mts

@@ -0,0 +1,66 @@
+import { Request, Response, NextFunction } from 'express';
+
+interface CacheOptions {
+    ttlMs: number;
+}
+declare class UserCache {
+    private store;
+    private ttlMs;
+    constructor(options: CacheOptions);
+    get(token: string): IDauthUser | undefined;
+    set(token: string, user: IDauthUser): void;
+    clear(): void;
+    private sweep;
+}
+
+type AuthMethodType = 'password' | 'magic-link' | 'passkey';
+interface IDauthUser {
+    _id: string;
+    name: string;
+    lastname: string;
+    nickname: string;
+    email: string;
+    isVerified: boolean;
+    language: string;
+    avatar: {
+        id: string;
+        url: string;
+    };
+    role: string;
+    telPrefix: string;
+    telSuffix: string;
+    birthDate?: string;
+    country?: string;
+    metadata?: Record<string, unknown>;
+    authMethods?: AuthMethodType[];
+    createdAt: Date;
+    updatedAt: Date;
+    lastLogin: Date;
+}
+interface IRequestDauth extends Request {
+    user: IDauthUser;
+    files: {
+        image: {
+            path: string;
+        };
+        avatar: {
+            path: string;
+        };
+    };
+    headers: {
+        authorization: string;
+    };
+}
+interface DauthOptions {
+    domainName: string;
+    tsk: string;
+    cache?: CacheOptions;
+}
+interface TCustomResponse extends Response {
+    status(code: number): this;
+    send(body?: unknown): this;
+}
+
+declare const dauth: ({ domainName, tsk, cache }: DauthOptions) => (req: IRequestDauth, res: TCustomResponse, next: NextFunction) => Promise<void | TCustomResponse>;
+
+export { type AuthMethodType, type CacheOptions, type DauthOptions, type IDauthUser, type IRequestDauth, UserCache, dauth };

package/dist/index.d.ts

@@ -1,43 +1,66 @@
-import { Request, NextFunction, Response as ExpressResponse, Handler } from 'express';
-export interface IDauthUser {
-    _id: string;
-    name: string;
-    lastname: string;
-    nickname: string;
-    email: string;
-    isVerified: boolean;
-    language: string;
-    avatar: {
-        id: string;
-        url: string;
-    };
-    role: string;
-    telPrefix: string;
-    telSuffix: string;
-    createdAt: Date;
-    updatedAt: Date;
-    lastLogin: Date;
-}
-export interface IRequestDauth extends Request {
-    user: IDauthUser;
-    files: {
-        image: {
-            path: string;
-        };
-        avatar: {
-            path: string;
-        };
-    };
-    headers: {
-        authorization: string;
-    };
-}
-interface TCustomResponse extends ExpressResponse {
-    status(code: number): any;
-    send(body?: any): any;
-}
-export declare const dauth: ({ domainName, tsk, }: {
-    domainName: string;
-    tsk: string;
-}) => (req: IRequestDauth, res: TCustomResponse, next: NextFunction) => Handler | void;
-export {};
+import { Request, Response, NextFunction } from 'express';
+
+interface CacheOptions {
+    ttlMs: number;
+}
+declare class UserCache {
+    private store;
+    private ttlMs;
+    constructor(options: CacheOptions);
+    get(token: string): IDauthUser | undefined;
+    set(token: string, user: IDauthUser): void;
+    clear(): void;
+    private sweep;
+}
+
+type AuthMethodType = 'password' | 'magic-link' | 'passkey';
+interface IDauthUser {
+    _id: string;
+    name: string;
+    lastname: string;
+    nickname: string;
+    email: string;
+    isVerified: boolean;
+    language: string;
+    avatar: {
+        id: string;
+        url: string;
+    };
+    role: string;
+    telPrefix: string;
+    telSuffix: string;
+    birthDate?: string;
+    country?: string;
+    metadata?: Record<string, unknown>;
+    authMethods?: AuthMethodType[];
+    createdAt: Date;
+    updatedAt: Date;
+    lastLogin: Date;
+}
+interface IRequestDauth extends Request {
+    user: IDauthUser;
+    files: {
+        image: {
+            path: string;
+        };
+        avatar: {
+            path: string;
+        };
+    };
+    headers: {
+        authorization: string;
+    };
+}
+interface DauthOptions {
+    domainName: string;
+    tsk: string;
+    cache?: CacheOptions;
+}
+interface TCustomResponse extends Response {
+    status(code: number): this;
+    send(body?: unknown): this;
+}
+
+declare const dauth: ({ domainName, tsk, cache }: DauthOptions) => (req: IRequestDauth, res: TCustomResponse, next: NextFunction) => Promise<void | TCustomResponse>;
+
+export { type AuthMethodType, type CacheOptions, type DauthOptions, type IDauthUser, type IRequestDauth, UserCache, dauth };

package/dist/index.js

@@ -1,8 +1,171 @@
+"use strict";
+var __create = Object.create;
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __getProtoOf = Object.getPrototypeOf;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(
+  // If the importer is in node compatibility mode or this is not an ESM
+  // file that has been converted to a CommonJS file using a Babel-
+  // compatible transform (i.e. "__esModule" has not been set), then set
+  // "default" to the CommonJS "module.exports" for node compatibility.
+  isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target,
+  mod
+));
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
 
-'use strict'
+// src/index.ts
+var index_exports = {};
+__export(index_exports, {
+  UserCache: () => UserCache,
+  dauth: () => dauth
+});
+module.exports = __toCommonJS(index_exports);
+var import_jsonwebtoken = __toESM(require("jsonwebtoken"));
 
-if (process.env.NODE_ENV === 'production') {
-  module.exports = require('./dauth-md-node.cjs.production.min.js')
-} else {
-  module.exports = require('./dauth-md-node.cjs.development.js')
+// src/api/utils/config.ts
+var apiVersion = "v1";
+var serverDomain = "dauth.ovh";
+function getServerBasePath() {
+  if (process.env.DAUTH_URL) {
+    const base = process.env.DAUTH_URL.replace(/\/+$/, "");
+    return `${base}/api/${apiVersion}`;
+  }
+  const isLocalhost = process.env.NODE_ENV === "development";
+  const serverPort = 4012;
+  const serverLocalUrl = `http://localhost:${serverPort}/api/${apiVersion}`;
+  const serverProdUrl = `https://${serverDomain}/api/${apiVersion}`;
+  return isLocalhost ? serverLocalUrl : serverProdUrl;
 }
+
+// src/api/dauth.api.ts
+async function getUser(token, domainName) {
+  const response = await fetch(
+    `${getServerBasePath()}/app/${domainName}/user`,
+    {
+      method: "GET",
+      headers: {
+        Authorization: token,
+        "Content-Type": "application/json"
+      }
+    }
+  );
+  const data = await response.json();
+  return { response: { status: response.status }, data };
+}
+
+// src/cache.ts
+var UserCache = class {
+  store = /* @__PURE__ */ new Map();
+  ttlMs;
+  constructor(options) {
+    this.ttlMs = options.ttlMs;
+  }
+  get(token) {
+    const entry = this.store.get(token);
+    if (!entry) return void 0;
+    if (Date.now() > entry.expiresAt) {
+      this.store.delete(token);
+      return void 0;
+    }
+    return entry.user;
+  }
+  set(token, user) {
+    if (this.store.size > 1e3) {
+      this.sweep();
+    }
+    this.store.set(token, { user, expiresAt: Date.now() + this.ttlMs });
+  }
+  clear() {
+    this.store.clear();
+  }
+  sweep() {
+    const now = Date.now();
+    for (const [key, entry] of this.store) {
+      if (now > entry.expiresAt) {
+        this.store.delete(key);
+      }
+    }
+  }
+};
+
+// src/index.ts
+var dauth = ({ domainName, tsk, cache }) => {
+  const userCache = cache ? new UserCache(cache) : null;
+  return async (req, res, next) => {
+    if (!req.headers.authorization) {
+      return res.status(403).send({ status: "token-not-found", message: "Token not found" });
+    }
+    const token = req.headers.authorization.replace(/['"]+/g, "");
+    try {
+      import_jsonwebtoken.default.verify(token, tsk);
+    } catch (error) {
+      const message = error instanceof Error ? error.message : "Token invalid";
+      if (message === "jwt expired") {
+        return res.status(401).send({ status: "token-expired", message: "jwt expired" });
+      }
+      if (message === "invalid signature") {
+        return res.status(401).send({
+          status: "tsk-not-invalid",
+          message: "The TSK variable in the backend middleware is not valid"
+        });
+      }
+      return res.status(401).send({ status: "token-invalid", message });
+    }
+    if (userCache) {
+      const cachedUser = userCache.get(token);
+      if (cachedUser) {
+        req.user = cachedUser;
+        return next();
+      }
+    }
+    try {
+      const getUserFetch = await getUser(token, domainName);
+      if (getUserFetch.response.status === 404) {
+        return res.status(404).send({
+          status: "user-not-found",
+          message: getUserFetch.data.message ?? "User does not exist"
+        });
+      }
+      if (getUserFetch.response.status === 500) {
+        return res.status(500).send({
+          status: "error",
+          message: getUserFetch.data.message ?? "Dauth server error"
+        });
+      }
+      if (getUserFetch.response.status === 200) {
+        req.user = getUserFetch.data.user;
+        if (userCache) {
+          userCache.set(token, req.user);
+        }
+        return next();
+      }
+      return res.status(501).send({
+        status: "request-error",
+        message: getUserFetch.data.message ?? "Dauth server error"
+      });
+    } catch (error) {
+      const message = error instanceof Error ? error.message : "Dauth server error";
+      return res.status(500).send({ status: "server-error", message });
+    }
+  };
+};
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  UserCache,
+  dauth
+});
+//# sourceMappingURL=index.js.map

package/dist/index.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/index.ts","../src/api/utils/config.ts","../src/api/dauth.api.ts","../src/cache.ts"],"sourcesContent":["import { Request, NextFunction, Response as ExpressResponse } from 'express';\nimport jwt from 'jsonwebtoken';\nimport { getUser } from './api/dauth.api';\nimport { UserCache } from './cache';\nimport type { CacheOptions } from './cache';\n\nexport type AuthMethodType = 'password' | 'magic-link' | 'passkey';\n\nexport interface IDauthUser {\n  _id: string;\n  name: string;\n  lastname: string;\n  nickname: string;\n  email: string;\n  isVerified: boolean;\n  language: string;\n  avatar: {\n    id: string;\n    url: string;\n  };\n  role: string;\n  telPrefix: string;\n  telSuffix: string;\n  birthDate?: string;\n  country?: string;\n  metadata?: Record<string, unknown>;\n  authMethods?: AuthMethodType[];\n  createdAt: Date;\n  updatedAt: Date;\n  lastLogin: Date;\n}\n\nexport interface IRequestDauth extends Request {\n  user: IDauthUser;\n  files: {\n    image: { path: string };\n    avatar: { path: string };\n  };\n  headers: {\n    authorization: string;\n  };\n}\n\nexport interface DauthOptions {\n  domainName: string;\n  tsk: string;\n  cache?: CacheOptions;\n}\n\ninterface TCustomResponse extends ExpressResponse {\n  status(code: number): this;\n  send(body?: unknown): this;\n}\n\nexport { UserCache };\nexport type { CacheOptions };\n\nexport const dauth = ({ domainName, tsk, cache }: DauthOptions) => {\n  const userCache = cache ? new UserCache(cache) : null;\n\n  return async (\n    req: IRequestDauth,\n    res: TCustomResponse,\n    next: NextFunction\n  ) => {\n    if (!req.headers.authorization) {\n      return res\n        .status(403)\n        .send({ status: 'token-not-found', message: 'Token not found' });\n    }\n\n    const token = req.headers.authorization.replace(/['\"]+/g, '');\n\n    try {\n      jwt.verify(token, tsk);\n    } catch (error) {\n      const message =\n        error instanceof Error ? error.message : 'Token invalid';\n\n      if (message === 'jwt expired') {\n        return res\n          .status(401)\n          .send({ status: 'token-expired', message: 'jwt expired' });\n      }\n      if (message === 'invalid signature') {\n        return res.status(401).send({\n          status: 'tsk-not-invalid',\n          message:\n            'The TSK variable in the backend middleware is not valid',\n        });\n      }\n      return res\n        .status(401)\n        .send({ status: 'token-invalid', message });\n    }\n\n    if (userCache) {\n      const cachedUser = userCache.get(token);\n      if (cachedUser) {\n        req.user = cachedUser;\n        return next();\n      }\n    }\n\n    try {\n      const getUserFetch = await getUser(token, domainName);\n\n      if (getUserFetch.response.status === 404) {\n        return res.status(404).send({\n          status: 'user-not-found',\n          message: getUserFetch.data.message ?? 'User does not exist',\n        });\n      }\n      if (getUserFetch.response.status === 500) {\n        return res.status(500).send({\n          status: 'error',\n          message: getUserFetch.data.message ?? 'Dauth server error',\n        });\n      }\n      if (getUserFetch.response.status === 200) {\n        req.user = getUserFetch.data.user;\n        if (userCache) {\n          userCache.set(token, req.user);\n        }\n        return next();\n      }\n      return res.status(501).send({\n        status: 'request-error',\n        message: getUserFetch.data.message ?? 'Dauth server error',\n      });\n    } catch (error) {\n      const message =\n        error instanceof Error ? error.message : 'Dauth server error';\n      return res\n        .status(500)\n        .send({ status: 'server-error', message });\n    }\n  };\n};\n","export const apiVersion = 'v1';\nexport const serverDomain = 'dauth.ovh';\n\nexport function getServerBasePath(): string {\n  if (process.env.DAUTH_URL) {\n    const base = process.env.DAUTH_URL.replace(/\\/+$/, '');\n    return `${base}/api/${apiVersion}`;\n  }\n\n  const isLocalhost = process.env.NODE_ENV === 'development';\n  const serverPort = 4012;\n  const serverLocalUrl = `http://localhost:${serverPort}/api/${apiVersion}`;\n  const serverProdUrl = `https://${serverDomain}/api/${apiVersion}`;\n  return isLocalhost ? serverLocalUrl : serverProdUrl;\n}\n","import { getServerBasePath } from './utils/config';\n\ninterface GetUserResponse {\n  response: { status: number };\n  data: { user?: any; message?: string };\n}\n\nexport async function getUser(\n  token: string,\n  domainName: string\n): Promise<GetUserResponse> {\n  const response = await fetch(\n    `${getServerBasePath()}/app/${domainName}/user`,\n    {\n      method: 'GET',\n      headers: {\n        Authorization: token,\n        'Content-Type': 'application/json',\n      },\n    }\n  );\n  const data = (await response.json()) as GetUserResponse['data'];\n  return { response: { status: response.status }, data };\n}\n","import { IDauthUser } from './index';\n\ninterface CacheEntry {\n  user: IDauthUser;\n  expiresAt: number;\n}\n\nexport interface CacheOptions {\n  ttlMs: number;\n}\n\nexport class UserCache {\n  private store = new Map<string, CacheEntry>();\n  private ttlMs: number;\n\n  constructor(options: CacheOptions) {\n    this.ttlMs = options.ttlMs;\n  }\n\n  get(token: string): IDauthUser | undefined {\n    const entry = this.store.get(token);\n    if (!entry) return undefined;\n\n    if (Date.now() > entry.expiresAt) {\n      this.store.delete(token);\n      return undefined;\n    }\n\n    return entry.user;\n  }\n\n  set(token: string, user: IDauthUser): void {\n    if (this.store.size > 1000) {\n      this.sweep();\n    }\n    this.store.set(token, { user, expiresAt: Date.now() + this.ttlMs });\n  }\n\n  clear(): void {\n    this.store.clear();\n  }\n\n  private sweep(): void {\n    const now = Date.now();\n    for (const [key, entry] of this.store) {\n      if (now > entry.expiresAt) {\n        this.store.delete(key);\n      }\n    }\n  }\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AACA,0BAAgB;;;ACDT,IAAM,aAAa;AACnB,IAAM,eAAe;AAErB,SAAS,oBAA4B;AAC1C,MAAI,QAAQ,IAAI,WAAW;AACzB,UAAM,OAAO,QAAQ,IAAI,UAAU,QAAQ,QAAQ,EAAE;AACrD,WAAO,GAAG,IAAI,QAAQ,UAAU;AAAA,EAClC;AAEA,QAAM,cAAc,QAAQ,IAAI,aAAa;AAC7C,QAAM,aAAa;AACnB,QAAM,iBAAiB,oBAAoB,UAAU,QAAQ,UAAU;AACvE,QAAM,gBAAgB,WAAW,YAAY,QAAQ,UAAU;AAC/D,SAAO,cAAc,iBAAiB;AACxC;;;ACPA,eAAsB,QACpB,OACA,YAC0B;AAC1B,QAAM,WAAW,MAAM;AAAA,IACrB,GAAG,kBAAkB,CAAC,QAAQ,UAAU;AAAA,IACxC;AAAA,MACE,QAAQ;AAAA,MACR,SAAS;AAAA,QACP,eAAe;AAAA,QACf,gBAAgB;AAAA,MAClB;AAAA,IACF;AAAA,EACF;AACA,QAAM,OAAQ,MAAM,SAAS,KAAK;AAClC,SAAO,EAAE,UAAU,EAAE,QAAQ,SAAS,OAAO,GAAG,KAAK;AACvD;;;ACZO,IAAM,YAAN,MAAgB;AAAA,EACb,QAAQ,oBAAI,IAAwB;AAAA,EACpC;AAAA,EAER,YAAY,SAAuB;AACjC,SAAK,QAAQ,QAAQ;AAAA,EACvB;AAAA,EAEA,IAAI,OAAuC;AACzC,UAAM,QAAQ,KAAK,MAAM,IAAI,KAAK;AAClC,QAAI,CAAC,MAAO,QAAO;AAEnB,QAAI,KAAK,IAAI,IAAI,MAAM,WAAW;AAChC,WAAK,MAAM,OAAO,KAAK;AACvB,aAAO;AAAA,IACT;AAEA,WAAO,MAAM;AAAA,EACf;AAAA,EAEA,IAAI,OAAe,MAAwB;AACzC,QAAI,KAAK,MAAM,OAAO,KAAM;AAC1B,WAAK,MAAM;AAAA,IACb;AACA,SAAK,MAAM,IAAI,OAAO,EAAE,MAAM,WAAW,KAAK,IAAI,IAAI,KAAK,MAAM,CAAC;AAAA,EACpE;AAAA,EAEA,QAAc;AACZ,SAAK,MAAM,MAAM;AAAA,EACnB;AAAA,EAEQ,QAAc;AACpB,UAAM,MAAM,KAAK,IAAI;AACrB,eAAW,CAAC,KAAK,KAAK,KAAK,KAAK,OAAO;AACrC,UAAI,MAAM,MAAM,WAAW;AACzB,aAAK,MAAM,OAAO,GAAG;AAAA,MACvB;AAAA,IACF;AAAA,EACF;AACF;;;AHOO,IAAM,QAAQ,CAAC,EAAE,YAAY,KAAK,MAAM,MAAoB;AACjE,QAAM,YAAY,QAAQ,IAAI,UAAU,KAAK,IAAI;AAEjD,SAAO,OACL,KACA,KACA,SACG;AACH,QAAI,CAAC,IAAI,QAAQ,eAAe;AAC9B,aAAO,IACJ,OAAO,GAAG,EACV,KAAK,EAAE,QAAQ,mBAAmB,SAAS,kBAAkB,CAAC;AAAA,IACnE;AAEA,UAAM,QAAQ,IAAI,QAAQ,cAAc,QAAQ,UAAU,EAAE;AAE5D,QAAI;AACF,0BAAAA,QAAI,OAAO,OAAO,GAAG;AAAA,IACvB,SAAS,OAAO;AACd,YAAM,UACJ,iBAAiB,QAAQ,MAAM,UAAU;AAE3C,UAAI,YAAY,eAAe;AAC7B,eAAO,IACJ,OAAO,GAAG,EACV,KAAK,EAAE,QAAQ,iBAAiB,SAAS,cAAc,CAAC;AAAA,MAC7D;AACA,UAAI,YAAY,qBAAqB;AACnC,eAAO,IAAI,OAAO,GAAG,EAAE,KAAK;AAAA,UAC1B,QAAQ;AAAA,UACR,SACE;AAAA,QACJ,CAAC;AAAA,MACH;AACA,aAAO,IACJ,OAAO,GAAG,EACV,KAAK,EAAE,QAAQ,iBAAiB,QAAQ,CAAC;AAAA,IAC9C;AAEA,QAAI,WAAW;AACb,YAAM,aAAa,UAAU,IAAI,KAAK;AACtC,UAAI,YAAY;AACd,YAAI,OAAO;AACX,eAAO,KAAK;AAAA,MACd;AAAA,IACF;AAEA,QAAI;AACF,YAAM,eAAe,MAAM,QAAQ,OAAO,UAAU;AAEpD,UAAI,aAAa,SAAS,WAAW,KAAK;AACxC,eAAO,IAAI,OAAO,GAAG,EAAE,KAAK;AAAA,UAC1B,QAAQ;AAAA,UACR,SAAS,aAAa,KAAK,WAAW;AAAA,QACxC,CAAC;AAAA,MACH;AACA,UAAI,aAAa,SAAS,WAAW,KAAK;AACxC,eAAO,IAAI,OAAO,GAAG,EAAE,KAAK;AAAA,UAC1B,QAAQ;AAAA,UACR,SAAS,aAAa,KAAK,WAAW;AAAA,QACxC,CAAC;AAAA,MACH;AACA,UAAI,aAAa,SAAS,WAAW,KAAK;AACxC,YAAI,OAAO,aAAa,KAAK;AAC7B,YAAI,WAAW;AACb,oBAAU,IAAI,OAAO,IAAI,IAAI;AAAA,QAC/B;AACA,eAAO,KAAK;AAAA,MACd;AACA,aAAO,IAAI,OAAO,GAAG,EAAE,KAAK;AAAA,QAC1B,QAAQ;AAAA,QACR,SAAS,aAAa,KAAK,WAAW;AAAA,MACxC,CAAC;AAAA,IACH,SAAS,OAAO;AACd,YAAM,UACJ,iBAAiB,QAAQ,MAAM,UAAU;AAC3C,aAAO,IACJ,OAAO,GAAG,EACV,KAAK,EAAE,QAAQ,gBAAgB,QAAQ,CAAC;AAAA,IAC7C;AAAA,EACF;AACF;","names":["jwt"]}

package/dist/index.mjs

@@ -0,0 +1,135 @@
+// src/index.ts
+import jwt from "jsonwebtoken";
+
+// src/api/utils/config.ts
+var apiVersion = "v1";
+var serverDomain = "dauth.ovh";
+function getServerBasePath() {
+  if (process.env.DAUTH_URL) {
+    const base = process.env.DAUTH_URL.replace(/\/+$/, "");
+    return `${base}/api/${apiVersion}`;
+  }
+  const isLocalhost = process.env.NODE_ENV === "development";
+  const serverPort = 4012;
+  const serverLocalUrl = `http://localhost:${serverPort}/api/${apiVersion}`;
+  const serverProdUrl = `https://${serverDomain}/api/${apiVersion}`;
+  return isLocalhost ? serverLocalUrl : serverProdUrl;
+}
+
+// src/api/dauth.api.ts
+async function getUser(token, domainName) {
+  const response = await fetch(
+    `${getServerBasePath()}/app/${domainName}/user`,
+    {
+      method: "GET",
+      headers: {
+        Authorization: token,
+        "Content-Type": "application/json"
+      }
+    }
+  );
+  const data = await response.json();
+  return { response: { status: response.status }, data };
+}
+
+// src/cache.ts
+var UserCache = class {
+  store = /* @__PURE__ */ new Map();
+  ttlMs;
+  constructor(options) {
+    this.ttlMs = options.ttlMs;
+  }
+  get(token) {
+    const entry = this.store.get(token);
+    if (!entry) return void 0;
+    if (Date.now() > entry.expiresAt) {
+      this.store.delete(token);
+      return void 0;
+    }
+    return entry.user;
+  }
+  set(token, user) {
+    if (this.store.size > 1e3) {
+      this.sweep();
+    }
+    this.store.set(token, { user, expiresAt: Date.now() + this.ttlMs });
+  }
+  clear() {
+    this.store.clear();
+  }
+  sweep() {
+    const now = Date.now();
+    for (const [key, entry] of this.store) {
+      if (now > entry.expiresAt) {
+        this.store.delete(key);
+      }
+    }
+  }
+};
+
+// src/index.ts
+var dauth = ({ domainName, tsk, cache }) => {
+  const userCache = cache ? new UserCache(cache) : null;
+  return async (req, res, next) => {
+    if (!req.headers.authorization) {
+      return res.status(403).send({ status: "token-not-found", message: "Token not found" });
+    }
+    const token = req.headers.authorization.replace(/['"]+/g, "");
+    try {
+      jwt.verify(token, tsk);
+    } catch (error) {
+      const message = error instanceof Error ? error.message : "Token invalid";
+      if (message === "jwt expired") {
+        return res.status(401).send({ status: "token-expired", message: "jwt expired" });
+      }
+      if (message === "invalid signature") {
+        return res.status(401).send({
+          status: "tsk-not-invalid",
+          message: "The TSK variable in the backend middleware is not valid"
+        });
+      }
+      return res.status(401).send({ status: "token-invalid", message });
+    }
+    if (userCache) {
+      const cachedUser = userCache.get(token);
+      if (cachedUser) {
+        req.user = cachedUser;
+        return next();
+      }
+    }
+    try {
+      const getUserFetch = await getUser(token, domainName);
+      if (getUserFetch.response.status === 404) {
+        return res.status(404).send({
+          status: "user-not-found",
+          message: getUserFetch.data.message ?? "User does not exist"
+        });
+      }
+      if (getUserFetch.response.status === 500) {
+        return res.status(500).send({
+          status: "error",
+          message: getUserFetch.data.message ?? "Dauth server error"
+        });
+      }
+      if (getUserFetch.response.status === 200) {
+        req.user = getUserFetch.data.user;
+        if (userCache) {
+          userCache.set(token, req.user);
+        }
+        return next();
+      }
+      return res.status(501).send({
+        status: "request-error",
+        message: getUserFetch.data.message ?? "Dauth server error"
+      });
+    } catch (error) {
+      const message = error instanceof Error ? error.message : "Dauth server error";
+      return res.status(500).send({ status: "server-error", message });
+    }
+  };
+};
+export {
+  UserCache,
+  dauth
+};
+//# sourceMappingURL=index.mjs.map

package/dist/index.mjs.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/index.ts","../src/api/utils/config.ts","../src/api/dauth.api.ts","../src/cache.ts"],"sourcesContent":["import { Request, NextFunction, Response as ExpressResponse } from 'express';\nimport jwt from 'jsonwebtoken';\nimport { getUser } from './api/dauth.api';\nimport { UserCache } from './cache';\nimport type { CacheOptions } from './cache';\n\nexport type AuthMethodType = 'password' | 'magic-link' | 'passkey';\n\nexport interface IDauthUser {\n  _id: string;\n  name: string;\n  lastname: string;\n  nickname: string;\n  email: string;\n  isVerified: boolean;\n  language: string;\n  avatar: {\n    id: string;\n    url: string;\n  };\n  role: string;\n  telPrefix: string;\n  telSuffix: string;\n  birthDate?: string;\n  country?: string;\n  metadata?: Record<string, unknown>;\n  authMethods?: AuthMethodType[];\n  createdAt: Date;\n  updatedAt: Date;\n  lastLogin: Date;\n}\n\nexport interface IRequestDauth extends Request {\n  user: IDauthUser;\n  files: {\n    image: { path: string };\n    avatar: { path: string };\n  };\n  headers: {\n    authorization: string;\n  };\n}\n\nexport interface DauthOptions {\n  domainName: string;\n  tsk: string;\n  cache?: CacheOptions;\n}\n\ninterface TCustomResponse extends ExpressResponse {\n  status(code: number): this;\n  send(body?: unknown): this;\n}\n\nexport { UserCache };\nexport type { CacheOptions };\n\nexport const dauth = ({ domainName, tsk, cache }: DauthOptions) => {\n  const userCache = cache ? new UserCache(cache) : null;\n\n  return async (\n    req: IRequestDauth,\n    res: TCustomResponse,\n    next: NextFunction\n  ) => {\n    if (!req.headers.authorization) {\n      return res\n        .status(403)\n        .send({ status: 'token-not-found', message: 'Token not found' });\n    }\n\n    const token = req.headers.authorization.replace(/['\"]+/g, '');\n\n    try {\n      jwt.verify(token, tsk);\n    } catch (error) {\n      const message =\n        error instanceof Error ? error.message : 'Token invalid';\n\n      if (message === 'jwt expired') {\n        return res\n          .status(401)\n          .send({ status: 'token-expired', message: 'jwt expired' });\n      }\n      if (message === 'invalid signature') {\n        return res.status(401).send({\n          status: 'tsk-not-invalid',\n          message:\n            'The TSK variable in the backend middleware is not valid',\n        });\n      }\n      return res\n        .status(401)\n        .send({ status: 'token-invalid', message });\n    }\n\n    if (userCache) {\n      const cachedUser = userCache.get(token);\n      if (cachedUser) {\n        req.user = cachedUser;\n        return next();\n      }\n    }\n\n    try {\n      const getUserFetch = await getUser(token, domainName);\n\n      if (getUserFetch.response.status === 404) {\n        return res.status(404).send({\n          status: 'user-not-found',\n          message: getUserFetch.data.message ?? 'User does not exist',\n        });\n      }\n      if (getUserFetch.response.status === 500) {\n        return res.status(500).send({\n          status: 'error',\n          message: getUserFetch.data.message ?? 'Dauth server error',\n        });\n      }\n      if (getUserFetch.response.status === 200) {\n        req.user = getUserFetch.data.user;\n        if (userCache) {\n          userCache.set(token, req.user);\n        }\n        return next();\n      }\n      return res.status(501).send({\n        status: 'request-error',\n        message: getUserFetch.data.message ?? 'Dauth server error',\n      });\n    } catch (error) {\n      const message =\n        error instanceof Error ? error.message : 'Dauth server error';\n      return res\n        .status(500)\n        .send({ status: 'server-error', message });\n    }\n  };\n};\n","export const apiVersion = 'v1';\nexport const serverDomain = 'dauth.ovh';\n\nexport function getServerBasePath(): string {\n  if (process.env.DAUTH_URL) {\n    const base = process.env.DAUTH_URL.replace(/\\/+$/, '');\n    return `${base}/api/${apiVersion}`;\n  }\n\n  const isLocalhost = process.env.NODE_ENV === 'development';\n  const serverPort = 4012;\n  const serverLocalUrl = `http://localhost:${serverPort}/api/${apiVersion}`;\n  const serverProdUrl = `https://${serverDomain}/api/${apiVersion}`;\n  return isLocalhost ? serverLocalUrl : serverProdUrl;\n}\n","import { getServerBasePath } from './utils/config';\n\ninterface GetUserResponse {\n  response: { status: number };\n  data: { user?: any; message?: string };\n}\n\nexport async function getUser(\n  token: string,\n  domainName: string\n): Promise<GetUserResponse> {\n  const response = await fetch(\n    `${getServerBasePath()}/app/${domainName}/user`,\n    {\n      method: 'GET',\n      headers: {\n        Authorization: token,\n        'Content-Type': 'application/json',\n      },\n    }\n  );\n  const data = (await response.json()) as GetUserResponse['data'];\n  return { response: { status: response.status }, data };\n}\n","import { IDauthUser } from './index';\n\ninterface CacheEntry {\n  user: IDauthUser;\n  expiresAt: number;\n}\n\nexport interface CacheOptions {\n  ttlMs: number;\n}\n\nexport class UserCache {\n  private store = new Map<string, CacheEntry>();\n  private ttlMs: number;\n\n  constructor(options: CacheOptions) {\n    this.ttlMs = options.ttlMs;\n  }\n\n  get(token: string): IDauthUser | undefined {\n    const entry = this.store.get(token);\n    if (!entry) return undefined;\n\n    if (Date.now() > entry.expiresAt) {\n      this.store.delete(token);\n      return undefined;\n    }\n\n    return entry.user;\n  }\n\n  set(token: string, user: IDauthUser): void {\n    if (this.store.size > 1000) {\n      this.sweep();\n    }\n    this.store.set(token, { user, expiresAt: Date.now() + this.ttlMs });\n  }\n\n  clear(): void {\n    this.store.clear();\n  }\n\n  private sweep(): void {\n    const now = Date.now();\n    for (const [key, entry] of this.store) {\n      if (now > entry.expiresAt) {\n        this.store.delete(key);\n      }\n    }\n  }\n}\n"],"mappings":";AACA,OAAO,SAAS;;;ACDT,IAAM,aAAa;AACnB,IAAM,eAAe;AAErB,SAAS,oBAA4B;AAC1C,MAAI,QAAQ,IAAI,WAAW;AACzB,UAAM,OAAO,QAAQ,IAAI,UAAU,QAAQ,QAAQ,EAAE;AACrD,WAAO,GAAG,IAAI,QAAQ,UAAU;AAAA,EAClC;AAEA,QAAM,cAAc,QAAQ,IAAI,aAAa;AAC7C,QAAM,aAAa;AACnB,QAAM,iBAAiB,oBAAoB,UAAU,QAAQ,UAAU;AACvE,QAAM,gBAAgB,WAAW,YAAY,QAAQ,UAAU;AAC/D,SAAO,cAAc,iBAAiB;AACxC;;;ACPA,eAAsB,QACpB,OACA,YAC0B;AAC1B,QAAM,WAAW,MAAM;AAAA,IACrB,GAAG,kBAAkB,CAAC,QAAQ,UAAU;AAAA,IACxC;AAAA,MACE,QAAQ;AAAA,MACR,SAAS;AAAA,QACP,eAAe;AAAA,QACf,gBAAgB;AAAA,MAClB;AAAA,IACF;AAAA,EACF;AACA,QAAM,OAAQ,MAAM,SAAS,KAAK;AAClC,SAAO,EAAE,UAAU,EAAE,QAAQ,SAAS,OAAO,GAAG,KAAK;AACvD;;;ACZO,IAAM,YAAN,MAAgB;AAAA,EACb,QAAQ,oBAAI,IAAwB;AAAA,EACpC;AAAA,EAER,YAAY,SAAuB;AACjC,SAAK,QAAQ,QAAQ;AAAA,EACvB;AAAA,EAEA,IAAI,OAAuC;AACzC,UAAM,QAAQ,KAAK,MAAM,IAAI,KAAK;AAClC,QAAI,CAAC,MAAO,QAAO;AAEnB,QAAI,KAAK,IAAI,IAAI,MAAM,WAAW;AAChC,WAAK,MAAM,OAAO,KAAK;AACvB,aAAO;AAAA,IACT;AAEA,WAAO,MAAM;AAAA,EACf;AAAA,EAEA,IAAI,OAAe,MAAwB;AACzC,QAAI,KAAK,MAAM,OAAO,KAAM;AAC1B,WAAK,MAAM;AAAA,IACb;AACA,SAAK,MAAM,IAAI,OAAO,EAAE,MAAM,WAAW,KAAK,IAAI,IAAI,KAAK,MAAM,CAAC;AAAA,EACpE;AAAA,EAEA,QAAc;AACZ,SAAK,MAAM,MAAM;AAAA,EACnB;AAAA,EAEQ,QAAc;AACpB,UAAM,MAAM,KAAK,IAAI;AACrB,eAAW,CAAC,KAAK,KAAK,KAAK,KAAK,OAAO;AACrC,UAAI,MAAM,MAAM,WAAW;AACzB,aAAK,MAAM,OAAO,GAAG;AAAA,MACvB;AAAA,IACF;AAAA,EACF;AACF;;;AHOO,IAAM,QAAQ,CAAC,EAAE,YAAY,KAAK,MAAM,MAAoB;AACjE,QAAM,YAAY,QAAQ,IAAI,UAAU,KAAK,IAAI;AAEjD,SAAO,OACL,KACA,KACA,SACG;AACH,QAAI,CAAC,IAAI,QAAQ,eAAe;AAC9B,aAAO,IACJ,OAAO,GAAG,EACV,KAAK,EAAE,QAAQ,mBAAmB,SAAS,kBAAkB,CAAC;AAAA,IACnE;AAEA,UAAM,QAAQ,IAAI,QAAQ,cAAc,QAAQ,UAAU,EAAE;AAE5D,QAAI;AACF,UAAI,OAAO,OAAO,GAAG;AAAA,IACvB,SAAS,OAAO;AACd,YAAM,UACJ,iBAAiB,QAAQ,MAAM,UAAU;AAE3C,UAAI,YAAY,eAAe;AAC7B,eAAO,IACJ,OAAO,GAAG,EACV,KAAK,EAAE,QAAQ,iBAAiB,SAAS,cAAc,CAAC;AAAA,MAC7D;AACA,UAAI,YAAY,qBAAqB;AACnC,eAAO,IAAI,OAAO,GAAG,EAAE,KAAK;AAAA,UAC1B,QAAQ;AAAA,UACR,SACE;AAAA,QACJ,CAAC;AAAA,MACH;AACA,aAAO,IACJ,OAAO,GAAG,EACV,KAAK,EAAE,QAAQ,iBAAiB,QAAQ,CAAC;AAAA,IAC9C;AAEA,QAAI,WAAW;AACb,YAAM,aAAa,UAAU,IAAI,KAAK;AACtC,UAAI,YAAY;AACd,YAAI,OAAO;AACX,eAAO,KAAK;AAAA,MACd;AAAA,IACF;AAEA,QAAI;AACF,YAAM,eAAe,MAAM,QAAQ,OAAO,UAAU;AAEpD,UAAI,aAAa,SAAS,WAAW,KAAK;AACxC,eAAO,IAAI,OAAO,GAAG,EAAE,KAAK;AAAA,UAC1B,QAAQ;AAAA,UACR,SAAS,aAAa,KAAK,WAAW;AAAA,QACxC,CAAC;AAAA,MACH;AACA,UAAI,aAAa,SAAS,WAAW,KAAK;AACxC,eAAO,IAAI,OAAO,GAAG,EAAE,KAAK;AAAA,UAC1B,QAAQ;AAAA,UACR,SAAS,aAAa,KAAK,WAAW;AAAA,QACxC,CAAC;AAAA,MACH;AACA,UAAI,aAAa,SAAS,WAAW,KAAK;AACxC,YAAI,OAAO,aAAa,KAAK;AAC7B,YAAI,WAAW;AACb,oBAAU,IAAI,OAAO,IAAI,IAAI;AAAA,QAC/B;AACA,eAAO,KAAK;AAAA,MACd;AACA,aAAO,IAAI,OAAO,GAAG,EAAE,KAAK;AAAA,QAC1B,QAAQ;AAAA,QACR,SAAS,aAAa,KAAK,WAAW;AAAA,MACxC,CAAC;AAAA,IACH,SAAS,OAAO;AACd,YAAM,UACJ,iBAAiB,QAAQ,MAAM,UAAU;AAC3C,aAAO,IACJ,OAAO,GAAG,EACV,KAAK,EAAE,QAAQ,gBAAgB,QAAQ,CAAC;AAAA,IAC7C;AAAA,EACF;AACF;","names":[]}